Arbitrary Web Script Injection Vulnerability in Doctor Appointment System 1.0

CVE-2021-27318 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter.

Learn more about our Web App Pen Testing.